Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/F8iMDX37LNUKnbxYovu7WPACAbw.roa
File: F8iMDX37LNUKnbxYovu7WPACAbw.roa (raw, json)
Hash identifier: /rVdj6MqyGt1fU593SrgJEzswe4AyVExvJ9MeFLyehI=
Subject key identifier: 17:C8:8C:0D:7D:FB:2C:D5:0A:9D:BC:58:A2:FB:BB:58:F0:02:01:BC
Certificate issuer: /CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Certificate serial: 01856F79925BAA13E3FD0F37F35E516F769A
Authority key identifier: B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/F8iMDX37LNUKnbxYovu7WPACAbw.roa
Signing time: Sun 01 Jan 2023 22:35:16 +0000
ROA not before: Sun 01 Jan 2023 22:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31287
IP address blocks: 45.66.44.0/24 maxlen: 24
45.66.47.0/24 maxlen: 24
45.66.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:92:5b:aa:13:e3:fd:0f:37:f3:5e:51:6f:76:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0dfafd36730396fe338e772dadbe4c3c85cd952
Validity
Not Before: Jan 1 22:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=17c88c0d7dfb2cd50a9dbc58a2fbbb58f00201bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:84:4a:00:92:27:32:56:14:53:1d:b5:77:29:
36:3d:7b:c0:f6:3c:40:40:26:8b:e1:81:a0:9e:4b:
ca:37:a2:5b:ad:27:5a:2d:a5:ad:9e:01:dd:54:a9:
bc:98:45:21:5c:96:34:34:23:6e:59:20:97:02:61:
a7:a8:4b:3c:be:3d:46:11:d0:ad:0c:9e:1e:89:e6:
93:e0:fe:92:9f:00:be:3b:1b:b7:c8:f8:f2:82:c9:
c2:3f:ed:41:14:dd:df:39:f4:fd:9b:76:34:ad:b5:
25:75:2c:b5:58:7b:23:b1:1f:e5:56:e3:34:52:42:
bb:f6:35:f7:42:54:cd:cd:37:24:2d:cd:2d:d5:ae:
1b:8f:a0:ff:84:24:89:5a:e9:ee:f4:fc:f2:d7:01:
8c:fb:e2:75:2c:3c:ac:32:5e:1b:e0:2d:7e:c5:13:
40:96:27:fe:ca:4d:df:d2:30:e2:c1:87:8d:2d:e6:
7f:7d:c5:f4:05:b4:60:4e:84:f2:31:b2:7f:e0:a1:
26:48:1e:c0:e6:1b:11:2f:12:6f:16:a8:20:eb:68:
30:a5:f3:8e:3f:fa:e8:91:c7:d9:ed:f8:65:ab:99:
fa:5b:ff:6d:0d:01:80:7c:ec:75:56:db:2a:68:99:
09:c8:20:81:38:e2:81:11:44:1b:37:a4:2e:29:df:
65:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:C8:8C:0D:7D:FB:2C:D5:0A:9D:BC:58:A2:FB:BB:58:F0:02:01:BC
X509v3 Authority Key Identifier:
keyid:B0:DF:AF:D3:67:30:39:6F:E3:38:E7:72:DA:DB:E4:C3:C8:5C:D9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sN-v02cwOW_jOOdy2tvkw8hc2VI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/F8iMDX37LNUKnbxYovu7WPACAbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f696fd-4d9d-4e28-926e-0aa5b46bf8aa/1/sN-v02cwOW_jOOdy2tvkw8hc2VI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.44.0/23
45.66.47.0/24
Signature Algorithm: sha256WithRSAEncryption
70:94:34:8f:d9:0a:f9:ad:9a:d1:62:7f:28:e1:23:fa:2a:a7:
2a:2b:b7:4f:e9:4e:14:5d:ca:c2:b3:b9:5b:0c:49:92:d2:bc:
a9:8d:c5:01:24:7a:1d:c5:63:a9:31:f2:0b:8e:5c:21:f2:b2:
fd:82:5f:95:74:94:be:e8:fc:b4:77:03:c8:6e:d2:6c:b1:4b:
b2:51:e5:36:81:93:57:59:90:f3:7b:93:39:a1:11:e6:b8:41:
88:75:33:6d:4b:11:c0:af:8c:42:f7:76:ea:86:6c:ce:e0:8a:
e5:f3:3a:1e:e9:ee:5c:b5:55:b3:4c:b2:67:5a:6a:bc:f4:b4:
66:cb:48:45:a6:75:d2:e1:1b:28:58:da:a9:cf:3f:ad:8d:24:
bb:b0:e1:e9:0b:63:4f:99:ae:5f:99:90:5e:3c:e8:fb:94:7a:
68:dc:bd:8f:ed:11:f3:6c:d7:54:2e:16:1c:81:2c:8a:eb:3a:
6b:3b:b7:74:ca:90:fc:a8:f4:07:94:bf:4f:d5:96:f9:d4:9a:
6c:df:53:06:73:e9:96:7f:aa:ae:2b:89:38:71:f9:39:e4:67:
87:81:48:f2:6a:8e:5d:b6:dc:39:a9:fc:70:20:4d:e3:61:5b:
f7:cf:43:f1:f0:e8:2c:57:43:0d:d6:52:df:52:dd:7d:65:bd:
0b:59:db:b6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVveZJbqhPj/Q83815Rb3aaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwZGZhZmQzNjczMDM5NmZlMzM4ZTc3MmRhZGJlNGMzYzg1
Y2Q5NTIwHhcNMjMwMTAxMjIzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2M4OGMwZDdkZmIyY2Q1MGE5ZGJjNThhMmZiYmI1OGYwMDIwMWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4RKAJInMlYUUx21dyk2PXvA9jxA
QCaL4YGgnkvKN6JbrSdaLaWtngHdVKm8mEUhXJY0NCNuWSCXAmGnqEs8vj1GEdCt
DJ4eieaT4P6SnwC+Oxu3yPjygsnCP+1BFN3fOfT9m3Y0rbUldSy1WHsjsR/lVuM0
UkK79jX3QlTNzTckLc0t1a4bj6D/hCSJWunu9Pzy1wGM++J1LDysMl4b4C1+xRNA
lif+yk3f0jDiwYeNLeZ/fcX0BbRgToTyMbJ/4KEmSB7A5hsRLxJvFqgg62gwpfOO
P/rokcfZ7fhlq5n6W/9tDQGAfOx1VtsqaJkJyCCBOOKBEUQbN6QuKd9lJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBfIjA19+yzVCp28WKL7u1jwAgG8MB8GA1UdIwQY
MBaAFLDfr9NnMDlv4zjnctrb5MPIXNlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUt
MGFhNWI0NmJmOGFhLzEvRjhpTURYMzdMTlVLbmJ4WW92dTdXUEFDQWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mNjk2ZmQtNGQ5ZC00ZTI4LTkyNmUtMGFhNWI0NmJmOGFh
LzEvc04tdjAyY3dPV19qT09keTJ0dmt3OGhjMlZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLUIsAwQA
LUIvMA0GCSqGSIb3DQEBCwUAA4IBAQBwlDSP2Qr5rZrRYn8o4SP6KqcqK7dP6U4U
XcrCs7lbDEmS0rypjcUBJHodxWOpMfILjlwh8rL9gl+VdJS+6Py0dwPIbtJssUuy
UeU2gZNXWZDze5M5oRHmuEGIdTNtSxHAr4xC93bqhmzO4Irl8zoe6e5ctVWzTLJn
Wmq89LRmy0hFpnXS4RsoWNqpzz+tjSS7sOHpC2NPma5fmZBePOj7lHpo3L2P7RHz
bNdULhYcgSyK6zprO7d0ypD8qPQHlL9P1Zb51Jps31MGc+mWf6quK4k4cfk55GeH
gUjyao5dttw5qfxwIE3jYVv3z0Px8OgsV0MN1lLfUt19Zb0LWdu2
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:24 2024 by rpki-client on console-fra.rpki-client.org